Add unittests for net::TestRootCerts and regenerate test certificates

net/data/ssl/certificates/openssl_cert.cnf

Index: net/data/ssl/certificates/openssl_cert.cnf
diff --git a/net/data/ssl/certificates/openssl_cert.cnf b/net/data/ssl/certificates/openssl_cert.cnf
new file mode 100644
index 0000000000000000000000000000000000000000..f6a5b8b179b5f29c63bd95f2cd982083449196be
--- /dev/null
+++ b/net/data/ssl/certificates/openssl_cert.cnf
@@ -0,0 +1,23 @@
+# The default configuration to use when requesting a certificate to be used
+# as the server test certificate, whether OK or expired.
+[req]
+# Common configuration for all requests
+default_bits       = 1024
+default_md         = sha1
+string_mask        = utf8only
+prompt             = no
+encrypt_key        = no
+distinguished_name = req_dn
+req_extensions     = req_extensions
+
+[req_dn]
+C  = US
+ST = California
+L  = Mountain View
+O  = Test CA
+# TODO(wtc): Deprecate de facto, but not de jure, matching of iPAddress in

[wtc, 2010/12/08 19:58:22]

Are you sure?  I think we can put
  CN = Test Server
here.

[Ryan Sleevi, 2010/12/09 05:49:55]

I've updated the comment to reflect the two open bugs related to this:

http://crbug.com/20276 - TODO(wtc) and http://crbug.com/62973 - TODO(joth)

+# the commonName field
+CN = 127.0.0.1
+
+[req_extensions]
+subjectAltName = IP:127.0.0.1